Author: joeyh
Date: 2010-06-21 21:15:25 +0000 (Mon, 21 Jun 2010)
New Revision: 14891

Modified:
   data/CVE/list
Log:
automatic update

Modified: data/CVE/list
==================================================================
--- data/CVE/list 2010-06-20 13:20:40 UTC (rev 14890)
+++ data/CVE/list 2010-06-21 21:15:25 UTC (rev 14891)
@@ -1,3 +1,49 @@ +CVE-2010-2341 (PHP remote file inclusion vulnerability in ...) + TODO: check +CVE-2010-2340 (SQL injection vulnerability in members.php in Arab Portal 2.2, when ...) + TODO: check +CVE-2010-2339 (SQL injection vulnerability in admin/pages.php in Subdreamer CMS 3.x.x ...) + TODO: check +CVE-2010-2338 (Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor ...) + TODO: check +CVE-2010-2337 + RESERVED +CVE-2010-2336 (index.php in Yamamah Photo Gallery 1.00 allows remote attackers to ...) + TODO: check +CVE-2010-2335 (SQL injection vulnerability in index.php in Yamamah Photo Gallery ...) + TODO: check +CVE-2010-2334 (Directory traversal vulnerability in themes/default/download.php in ...) + TODO: check +CVE-2010-2333 (LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows ...) + TODO: check +CVE-2010-2332 (Impact Financials, Inc. Impact PDF Reader 2.0, 1.2, and other versions ...) + TODO: check +CVE-2010-2331 (Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 ...) + TODO: check +CVE-2010-2330 (Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 ...) + TODO: check +CVE-2010-2329 (Buffer overflow in Rosoft Audio Converter 4.4.4 allows remote ...) + TODO: check +CVE-2010-2328 (The HTTP Channel in IBM WebSphere Application Server (WAS) 7.0 before ...) + TODO: check +CVE-2010-2327 (mod_ibm_ssl in IBM HTTP Server 6.0 before 6.0.2.43, 6.1 before ...) + TODO: check +CVE-2010-2326 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11, when ...) + TODO: check +CVE-2010-2325 (Cross-site scripting (XSS) vulnerability in the administrative console ...) + TODO: check +CVE-2010-2324 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS ...) + TODO: check +CVE-2010-2323 (IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS ...) + TODO: check +CVE-2010-2322 (Absolute path traversal vulnerability in the extract_jar function in ...) 
+ TODO: check +CVE-2010-2321 (Buffer overflow in Adobe InDesign CS3 10.0 allows user-assisted remote ...) + TODO: check +CVE-2009-4902 (Buffer overflow in the MSGFunctionDemarshall function in ...) + TODO: check +CVE-2009-4901 (The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC ...) + TODO: check CVE-2010-2320 RESERVED CVE-2010-2319 (SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 ...) @@ -302,8 +348,7 @@ RESERVED CVE-2010-2193 (Multiple unspecified vulnerabilities in the CA (1) PSFormX and (2) ...) NOT-FOR-US: CA Global Advisor -CVE-2010-2192 [pmount DoS] - RESERVED +CVE-2010-2192 (The make_lockdir_name function in policy.c in pmount 0.9.18 allow ...) {DSA-2063-1} - pmount 0.9.23-1 CVE-2010-2191 (The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; ...) @@ -604,8 +649,7 @@ TODO: check CVE-2010-2069 RESERVED -CVE-2010-2068 [mod_proxy_http request mixup on timeout] - RESERVED +CVE-2010-2068 (mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 ...) - apache2 <not-affected> (does not affect UNIX, only Windows, etc.) CVE-2010-2067 RESERVED @@ -1343,8 +1387,8 @@ - webkit <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=38626 NOTE: http://trac.webkit.org/changeset/59795 -CVE-2010-1769 - RESERVED +CVE-2010-1769 (Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on ...) + TODO: check CVE-2010-1768 RESERVED CVE-2010-1767 @@ -1366,8 +1410,7 @@ - webkit <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=31410 NOTE: http://trac.webkit.org/changeset/55157 -CVE-2010-1763 - RESERVED +CVE-2010-1763 (Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on ...) - webkit <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=39008 NOTE: http://trac.webkit.org/changeset/59486 
@@ -2489,8 +2532,7 @@ - webkit <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=28755 NOTE: http://trac.webkit.org/changeset/47829 -CVE-2010-1387 - RESERVED +CVE-2010-1387 (Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on ...) - webkit <undetermined> NOTE: https://bugs.webkit.org/show_bug.cgi?id=34321 NOTE: http://trac.webkit.org/changeset/54129 @@ -4085,8 +4127,8 @@ RESERVED CVE-2010-0832 RESERVED -CVE-2010-0831 - RESERVED +CVE-2010-0831 (Directory traversal vulnerability in the extract_jar function in ...) + TODO: check CVE-2010-0830 (Integer signedness error in the elf_get_dynamic_info function in ...) {DSA-2058-1} - glibc <removed> @@ -5308,8 +5350,7 @@ - apache2 2.2.15-1 (low) [lenny] - apache2 <no-dsa> (minor issue) NOTE: Will be fixed in s-p-u -CVE-2010-0407 [pcsc-lite local privilege escalation] - RESERVED +CVE-2010-0407 (Multiple buffer overflows in the MSGFunctionDemarshall function in ...) {DSA-2059-1} - pcsc-lite 1.5.4-1 CVE-2010-0406 (OpenTTD before 1.0.1 allows remote attackers to cause a denial of ...) @@ -5770,8 +5811,8 @@ [lenny] - gnome-screensaver <no-dsa> (Minor issue) NOTE: http://git.gnome.org/browse/gnome-screensaver/commit/?id=2f597ea9f1f363277fd4dfc109fa41bbc6225aca NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=593616 -CVE-2010-0284 - RESERVED +CVE-2010-0284 (Directory traversal vulnerability in the getEntry method in the ...) + TODO: check CVE-2010-0283 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 ...) - krb5 1.8+dfsg~alpha1-7 [lenny] - krb5 <not-affected> (Only affects krb5 >= 1.7)
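
Review bot: CVE-2009-4902 and CVE-2009-4901, at the end of the first hunk (@@ -1,3 +1,49 @@), are left at TODO: check even though both descriptions name the MSGFunctionDemarshall function, and CVE-2009-4901 names winscard_svc.c in the PC/SC code. That is the same function named in the new description of CVE-2010-0407, which this list already tracks under {DSA-2059-1} with - pcsc-lite 1.5.4-1. Suggest triaging the two 2009 entries against pcsc-lite together with CVE-2010-0407 and recording explicitly whether the same upload covers them, instead of leaving them in the generic TODO queue.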
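
Review bot: In the @@ -1343,8 +1387,8 @@ hunk, CVE-2010-1769 moves from RESERVED to TODO: check with no package line, while CVE-2010-1763 and CVE-2010-1387 get the same truncated description ("Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on ...") and keep - webkit <undetermined> with their bug and changeset NOTEs. Since the description names WebKit, this entry should be triaged by hand against the webkit source package and given a - webkit line consistent with its neighbours once the upstream bug is identified.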
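
Review bot: CVE-2010-0831 in the @@ -4085,8 +4127,8 @@ hunk and CVE-2010-2322 in the first hunk both describe a traversal flaw in the extract_jar function (directory traversal and absolute path traversal respectively), and both are left at TODO: check. The truncated descriptions do not show the affected product, so suggest checking the two together and cross-referencing them with a NOTE, so that the same package and fixed version end up recorded for both or the difference between them is written down.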